Categories: Malware

What is “Bulz.741614”?

Bulz.741614 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.741614 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (2 unique times)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Performs some HTTP requests
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Detects VirtualBox through the presence of a registry key
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

www.bing.com

How to identify Bulz.741614?


File Info:

crc32: 55029947
md5: 773f8ab6d13c7283e2f5e257e5c2d1c9
name: 773F8AB6D13C7283E2F5E257E5C2D1C9.mlw
sha1: bee9679917e7e9a6a2df1a531c84818821f31e0f
sha256: 237ee5ffe383e7fc483c70813d098a4fab94ba77633d78f5b1035603cdd2264f
sha512: 1f44670cb6ac00e7efb8d8d0de9bda0bc931d7114b8f8803d17fe5ee69f7e6e45245291dad4d692da29f5886364e71fb0a5700f5569c83d90bbd1c3bb7371745
ssdeep: 384:9YAGtrr51Zpb2OWFA3THSVT7ZPWjlsIDn7f1qjdtlCylG9wpY3DB0sohs0hv:92Br/3TWSs7t0lbEjdKylGyp6z1uv
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, PECompact2 compressed

Version Info:

0: [No Data]

Bulz.741614 also known as:

Bkav W32.AIDetect.malware1
K7AntiVirus NetWorm ( 700000151 )
Lionic Trojan.Win32.VB.a!c
Elastic malicious (high confidence)
DrWeb BackDoor.Generic.1611
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.ZbotVMF.S23808933
ALYac Gen:Variant.Bulz.741614
Cylance Unsafe
Zillya Downloader.VB.Win32.108117
CrowdStrike win/malicious_confidence_90% (D)
Alibaba TrojanDownloader:Win32/GenDownloader.fcb9b029
K7GW NetWorm ( 700000151 )
Cybereason malicious.6d13c7
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/TrojanDownloader.VB.PSX
APEX Malicious
Avast Win32:VB-EUO [Trj]
ClamAV Win.Downloader.Alphabet-9864918-0
Kaspersky Trojan-Downloader.Win32.VB.bbg
BitDefender Gen:Variant.Bulz.741614
NANO-Antivirus Trojan.Win32.VB.fgolzw
MicroWorld-eScan Gen:Variant.Bulz.741614
Tencent Win32.Trojan-downloader.Vb.Aglj
Ad-Aware Gen:Variant.Bulz.741614
Sophos Mal/Generic-R + Troj/VB-ECV
Comodo Packed.Win32.MPEC.Gen@2oey7k
BitDefenderTheta AI:Packer.A251A14F1F
McAfee-GW-Edition BehavesLike.Win32.Generic.nm
FireEye Generic.mg.773f8ab6d13c7283
Emsisoft Gen:Variant.Bulz.741614 (B)
SentinelOne Static AI – Malicious PE
Jiangmin TrojanDownloader.VB.czrp
Avira TR/Patched.Ren.Gen
eGambit Unsafe.AI_Score_99%
Microsoft Trojan:Win32/Skeeyah.A!rfn
Arcabit Trojan.Bulz.DB50EE
GData Gen:Variant.Bulz.741614
Acronis suspicious
McAfee GenDownloader.s
MAX malware (ai score=100)
VBA32 Trojan.Win32.VB.5981
Panda Generic Malware
Rising Trojan.DL.VB.nwq (CLASSIC)
Yandex Trojan.GenAsa!Urk5MsP7eNc
Ikarus Gen.Trojan
Fortinet W32/VB.CEJ!tr
AVG Win32:VB-EUO [Trj]
Paloalto generic.ml

How to remove Bulz.741614?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
